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DETAILED ACTION 

This action is responsive to the application filed on March 27, 2001. Claims 1-35 are 
pending. Claims 1-35 represent a method for controlling an applets access to resources on a 
network. 

Claim Rejections - 35 USC § 112 

The following is a quotation of the second paragraph of 35 U.S. C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

Claims 1-15 and 35 are rejected under 35 USC. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

As per claims 1 and 35, it is unclear whether the means determining a home site name for 
the applet of the applet is done on the client or server side of the network. 

Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 3 5 1 (a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1 (2) of such treaty in the English language. 
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Claims 1-14, 16-31, and 33-35 are rejected under 35 US C 102(e) as being anticipated 
by Touboul US Patent No. 6,092,194. Toubol discloses the invention as claimed including a 
system to protect a computer from suspicious Downloadables (see abstract). 

As per claims 1, 16, 33, 34, and 35 Touboul discloses a method, a system, a computer 
data signal including a program code, a method from the client and a system with means of 
creating a network connection between an applet executing on a client computer and a content 
server computer, the method comprising: 

determining a home site name for the applet, the home site name corresponding to a host 
name of a computer from which the applet was downloaded to the client computer (determining 
an ID including the original site of download; column 1, lines 36-57; column 2, lines 1-20; 
column 4, lines 41-45; column 5, lines 14-27); 

checking for the presence of a hostname entry in a name directory on the content server 
computer, the hostname entry corresponding to the home site name for the applet (checking to 
see if ID is one of allowable Ids; column 6, lines 38-41) 

permitting the applet to create a network connection with the content server computer if 
the hostname entry was present; and denying permission for the applet to create a network 
connection with the content server computer if the hostname entry was not present (allowing or 
denying connection based on ID; column 4, lines 41-61; column 5, lines 24-29column 6, lines 
41-51; column 7, lines 60-67; column 8, lines 1-6). 
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As per claims 2 and 17, Toubol discloses the method and system of claims 1 and 16, 
wherein checking for the presence of a hostname entry in a name directory on the content server 
computer comprises: 

generating a Uniform Resource Locator for the hostname entry on the content server 
computer (gerenating a ID including a URL; column 4, lines 41-61); and 

sending an HTTP request using the Uniform Resource Locator to the content server 
computer to determine whether the hostname entry is present in the name directory on the 
content server computer (sending he ID Toubol discloses to a Directory; column 4, lines 62-67; 
column 5, lines 1-15). 

As per claims 3 and 19, Toubol discloses the method and system of claims 2 and 17, 
wherein generating a Uniform Resource Locator comprises combining a host name of the 
content server computer, a path name of the name directory and a name of the hostname entry 
(URL includes userlD, intended recipient; column 4, lines 41-61). 

As per claims 4 and 18, Toubol discloses the method and system of claims 2 and 17, 
wherein sending an HTTP request using the Uniform Resource Locator comprises sending an 
HTTP HEAD-request using the Uniform Resource Locator to the content server computer to 
determine whether the hostname entry is present in the name directory on the content server 
computer (column 5, lines 17-29). 
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As per claims 5 and 20, Toubol discloses the method and system of claims 2 and 16, 
further comprising looking up an address of the content server (column 4, lines 41-43). 

As per claims 6 and 21, Toubol discloses the method and system of claims 5 and 20, 
wherein checking for the presence of a hostname entry in a name directory on the content server 
computer comprises using the address of the content server to check for the presence of the 
hostname entry, and wherein permitting the applet to create a network connection with the 
content server computer if the hostname entry was present comprises using the address of the 
content server to create the network connection with the content server (the allowing or denying 
of the connection is based on the Downloadable ID; column 4, lines 41-43, 61-67; column 5, 
lines 16-29). 

As per claim 7, Toubol discloses the method of claim 1, wherein an execution engine 
executes the applet on the client computer, and wherein checking for the presence of a hostname 
entry in a name directory of the content server computer comprises using network restriction 
software in the execution engine to check for the presence of the hostname entry (column 3, lines 
41-67; column 4, lines 1-13). 

As per claims 8 and 25, Toubol discloses the method and system of claims 1 and 16, 
wherein checking for the presence of a hostname entry in a name directory on the content server 
computer comprises using a consistent path name for the name directory (column 4, lines 14-29). 
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As per claims 9 and 26, Toubol discloses the method and system of claims 8 and 16, 
wherein checking for the presence of a hostname entry in a name directory on the content server 
computer comprises using an instruction from the applet on a path name for the name directory 
(column 4, lines 29-40; column 4, lines 49-61; column 5, lines 36-57). 

As per claims 10 and 27, Toubol discloses the method and system of claims 9 and 26, 
wherein using an instruction from the applet on a path name for the name directory comprises 
using a language construct to determine the path name for the name directory (column 4, lines 
29-40; column 4, lines 49-61). 

As per claims 1 1 and 29, Toubol discloses the method and system of claims 1 and 16, 
further comprising using the hostname entry to determine types of network connections that are 
permitted between the applet and the content server computer (column 4, lines 62-67; column 5, 
lines 1-3). 

As per claims 12 and 28, Toubol discloses the method and system of claims 1 and 16, 
wherein checking for the presence of a hostname entry in a name directory on the content server 
computer comprises checking for the presence of a file in the name directory that has a file name 
identical to the home site name for the applet (column 4, lines 49-61; column 6, lines 38-55). 
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As per claims 13 and 30, Toubol discloses the method and system of claims 1 and 16, the 
network restriction software further comprises the performing an address check (column 3, lines 
49-61; column 5, lines 24-29). 

As per claims 14 and 31, Toubol discloses the method of claim 13, wherein performing 
an address check comprises: 

determining an address list for the content server computer (column 4, lines 14-26); 
determining an address list for the computer from which the applet was downloaded 
(column 5, lines 16-29); and 

denying permission for the applet to create a network connection with the content server 
computer if the address list for the content server computer is not a subset of the address list for 
the computer from which the applet was downloaded (column 4, lines 41-61; column 6, lines 41- 
51; column 7, lines 60-67, column 8, lines 1-10). 

As per claim 22, Toubol discloses the client computer system of claim 16, wherein the 
name directory comprises a directory in a file system of the content server computer (column 3, 
lines 42-67; column 4, lines 1-14). 

As per claim 23, Toubol discloses the client computer system of claim 22, wherein the 
hostname entry comprises an empty file in the name directory on the content server computer 
(column 3, lines 42-67; column 4, lines 1-14). 



Application/Control Number; 09/818,302 Page 8 

Art Unit: 2157 

As per claim 25, Toubol discloses the client computer system of claim 16, wherein the 
name directory comprises a file on the content server computer(column 3, lines 42-67; column 4, 
lines 1-14). 



Claim Rejections - 35 USC §103 
The following is a quotation of 35 U S C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 15 and 32 rejected under 35 U.S.C. 103(a) as being unpatentable over Toubol US 
Patent No. 6,092,194 in view of Donaldson US Patent No. 6,321,267. Donaldson discloses the 
invention substantially as claimed including a method for filtering. 

Toubol discloses the method of claims and 30 13, wherein performing an address check 
comprises denying permission for the applet to create a network connection with the content 
server computer if the home site name for the applet is in a digital hash form, and an address 
specified by the digital hash form is not identical to an address for the content server computer 
(column 7, lines 46-59). Toubol does not expressly disclose "dotted quad". Donaldson discloses 
dotted quad. See column 17, lines 16-64; column 27, lines 63-67; column 28, lines 1-10. It 
would have been obvious to a person of ordinary skill in the art at the time of the invention to 
combine the dotted quad of Donaldson with the digital hash of Toubol. A person of ordinary 
skill in the art would have been motivated to do this to simplify the address lists in the database. 
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Conclusion 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

Schneider US Patent Publication No. 2003/01 10161 

Cunningham et al. US Patent No. 6,754,621 

Edery et al. US Patent Publication No, 2002/0013910 

Ji et al. US Patent No. 6,728,886 

Himmel et al. US Patent No. 6,208,995 

Ji US Patent No. 6,983,348 

Shaio US Patent No. 6,571,338 

Hinde European Patent No. 1081918 A2 

Dean, Wallach and Felten; IEEE Publication: Java Security: From HotJava to Netscape 
and Beyond. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Uzma Alam whose telephone number is (703) 305-8420. The 
examiner can normally be reached on Monday-Tuesday 1 1 :30am-8pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on (703) 308 - 7562. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished^ 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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